GAQM CEH-001 Online Practice Questions and Exam Preparation

GAQM CEH-001 Online Questions & Answers

• Question 311:

  You establish a new Web browser connection to Google. Since a 3-way handshake is required for any TCP connection, the following actions will take place.

  

  DNS query is sent to the DNS server to resolve www.google.com DNS server replies with the IP address for Google? SYN packet is sent to Google. Google sends back a SYN/ACK packet Your computer completes the handshake by sending an ACK The connection is established and the transfer of data commences

  Which of the following packets represent completion of the 3-way handshake?

  A. 4th packet
  B. 3rdpacket
  C. 6th packet
  D. 5th packet
  D. 5th packet

• Question 312:

  Exhibit:

  

  The following is an entry captured by a network IDS.You are assigned the task of analyzing this entry. You notice the value 0x90, which is the most common NOOP instruction for the Intel processor. You figure that the attacker is attempting a

  buffer overflow attack. You also notice "/bin/sh" in the ASCII part of the output.

  As an analyst what would you conclude about the attack?

  A. The buffer overflow attack has been neutralized by the IDS
  B. The attacker is creating a directory on the compromised machine
  C. The attacker is attempting a buffer overflow attack and has succeeded
  D. The attacker is attempting an exploit that launches a command-line shell
  D. The attacker is attempting an exploit that launches a command-line shell

• Question 313:

  The fundamental difference between symmetric and asymmetric key cryptographic systems is that symmetric key cryptography uses which of the following?

  A. Multiple keys for non-repudiation of bulk data
  B. Different keys on both ends of the transport medium
  C. Bulk encryption for data transmission over fiber
  D. The same key on each end of the transmission medium
  D. The same key on each end of the transmission medium

• Question 314:

  One of your team members has asked you to analyze the following SOA record. What is the TTL?

  Rutgers.edu.SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600

  3600 604800 2400.

  A. 200303028
  B. 3600
  C. 604800
  D. 2400
  E. 60
  F. 4800
  D. 2400

• Question 315:

  Every company needs a formal written document which spells out to employees precisely what they are allowed to use the company's systems for, what is prohibited, and what will happen to them if they break the rules. Two printed copies of the policy should be given to every employee as soon as possible after they join the organization. The employee should be asked to sign one copy, which should be safely filed by the company. No one should be allowed to use the company's computer systems until they have signed the policy in acceptance of its terms. What is this document called?

  A. Information Audit Policy (IAP)
  B. Information Security Policy (ISP)
  C. Penetration Testing Policy (PTP)
  D. Company Compliance Policy (CCP)
  B. Information Security Policy (ISP)

• Question 316:

  What ICMP message types are used by the ping command?

  A. Timestamp request (13) and timestamp reply (14)
  B. Echo request (8) and Echo reply (0)
  C. Echo request (0) and Echo reply (1)
  D. Ping request (1) and Ping reply (2)
  B. Echo request (8) and Echo reply (0)

• Question 317:

  You work for Acme Corporation as Sales Manager. The company has tight network security restrictions. You are trying to steal data from the company's Sales database (Sales.xls) and transfer them to your home computer. Your company filters and monitors traffic that leaves from the internal network to the Internet. How will you achieve this without raising suspicion?

  A. Encrypt the Sales.xls using PGP and e-mail it to your personal gmail account
  B. Package the Sales.xls using Trojan wrappers and telnet them back your home computer
  C. You can conceal the Sales.xls database in another file like photo.jpg or other files and send it out in an innocent looking email or file transfer using Steganography techniques
  D. Change the extension of Sales.xls to sales.txt and upload them as attachment to your hotmail account
  C. You can conceal the Sales.xls database in another file like photo.jpg or other files and send it out in an innocent looking email or file transfer using Steganography techniques

• Question 318:

  You are footprinting an organization and gathering competitive intelligence. You visit the company's website for contact information and telephone numbers but do not find them listed there. You know they had the entire staff directory listed on their website 12 months ago but now it is not there. Is there any way you can retrieve information from a website that is outdated?

  A. Visit Google's search engine and view the cached copy
  B. Crawl the entire website and store them into your computer
  C. Visit Archive.org web site to retrieve the Internet archive of the company's website
  D. Visit the company's partners and customers website for this information
  C. Visit Archive.org web site to retrieve the Internet archive of the company's website

• Question 319:

  Which initial procedure should an ethical hacker perform after being brought into an organization?

  A. Begin security testing.
  B. Turn over deliverables.
  C. Sign a formal contract with non-disclosure.
  D. Assess what the organization is trying to protect.
  C. Sign a formal contract with non-disclosure.

• Question 320:

  _________ is a tool that can hide processes from the process list, can hide files, registry entries, and intercept keystrokes.

  A. Trojan
  B. RootKit
  C. DoS tool
  D. Scanner
  E. Backdoor
  B. RootKit